Security Tools for Mobile Phones Slow to Take Off

The market for software to protect mobile devices such as smartphones has yet to take off despite brisk sales of devices such as Research in Motion's BlackBerry and Apple's iPhone.

Symantec Chief Operating Officer Enrique Salem estimates that it is currently worth a few hundred million dollars a year.

"It is growing. But given the number of handsets, the number of smartphones, you would think it would be growing at a much higher rate," Salem said. "I can't give you an exact number but it is not as fast as you might think."

Like Symantec, McAfee sells security products for mobile devices and has more in the works.

"Certainly we see opportunity there," McAfee CEO Dave DeWalt said.

For now, security on mobile devices is seen as an extra feature on programs designed to fight malicious software on personal computers and laptops, said Mike Haro, senior analyst with Sophos, the largest privately held security software maker.

But that is starting to change, he said.

"Customers are beginning to look at what their strategy is for smartphones," he said.

Some of the most sophisticated security products for mobile devices are available in Japan, where carriers like NTT DoCoMo offer security software that customers can download onto their phones. They pay a monthly subscription fee to use the software, Salem said.

"You are starting to see more and more of that type of strategy being deployed. It is another service for them that they can make money off of, as well as important protection to the device itself," DeWalt said at the summit.

Experts say that one reason for the slow growth is that unlike the world of personal computers--where Microsoft's Windows operating system sits on the vast majority of machines that are shipped--a dominant platform has yet to emerge for mobile devices.

That makes them less attractive to hackers, who don't want to bother worrying about developing technology to break into multiple systems.

"If you're a bad guy looking to make money off of somebody, you want to spend the least amount of effort to do that. The quickest path to riches is usually the fast one," said Andrew Jaquith, a security analyst with The Yankee Group.

So the chances of getting hit by a hacker are far smaller than those of data on a lost mobile device being compromised when somebody picks it up from the back of a taxi.

"If we're talking security on smartphones, we are talking about encryption, or we are talking about remote wipe," Jaquith said.

Mark Rasch, managing director for technology at FTI Consulting, says his firm's clients are increasingly asking whether they should be worried about mobile phone security.

He says that they should be worried about risks associated with loss of the devices, rather than the prospects of a rogue hacker breaking in.

Mobile encryption and remote wiping software are necessary to keep those devices safe and are effective in doing so when the right products are used, said Rasch, an attorney who spent 25 years prosecuting computer crimes for the U.S. Department of Justice before moving to FTI.